{"vulnerability": "CVE-2026-15013", "sightings": [{"uuid": "0d9f084f-5e3c-4e91-8c0d-c0f97228c241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-15013", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116928127100536568", "content": "CVE-2026-15013 | CRITICAL vuln in cyberlord92 SAML SSO Login (\u22645.4.3): Signature verification flaw enables authentication bypass &amp; admin account takeover. Disable plugin until patched. https://radar.offseq.com/threat/cve-2026-15013-cwe-347-improper-verification-of-cr-9c8a5e33bdf9b83d #OffSeq #WordPress #CVE202615013 #SAML #Vuln", "creation_timestamp": "2026-07-16T06:00:27.844616Z"}, {"uuid": "cd6b6a30-7216-4ea4-9c61-781b321c930f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-15013", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqqko4sy4f2z", "content": "CRITICAL: cyberlord92 SAML SSO Login for WordPress (\u22645.4.3) vulnerable to authentication bypass via signature confusion. Disable plugin or restrict usage until patch is available. https://radar.offseq.com/threat/cve-2026-15013-cwe-347-improper-verification-of-cr-9c8a5e33bdf9b83d #OffSeq #WordPres...", "creation_timestamp": "2026-07-16T06:00:29.820531Z"}, {"uuid": "09afc881-5951-403f-ac2d-563187ef7ddc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15013", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqqm3vnfg22u", "content": "CVE-2026-15013\nThe WordPress SAML SSO plugin has a security flaw that allows hackers to take control of any WordPress account, including administrator accounts. This is a serious issue because it allows unauthorized access to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-16T06:26:05.743680Z"}, {"uuid": "d0f3094b-8a60-4ada-b39b-8d6c377902cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15013", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqqngutwmi22", "content": "CVE-2026-15013 - SAML Single Sign On\nCVE ID : CVE-2026-15013\n \n Published : July 16, 2026, 5:16 a.m. | 1\u00a0hour, 18\u00a0minutes ago\n \n Description : The SAML Single Sign On \u2013 SSO Login plugin for WordPress is vulnerable to Authentication Bypass via SAML Signature Algorithm Confusion...", "creation_timestamp": "2026-07-16T06:50:07.333405Z"}, {"uuid": "7220057b-71e9-4600-8677-82e0fd466a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15013", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mqr6raztph24", "content": "CVE-2026-15013. SAML SSO plugin. 9.8/10 critical.\n\nAttackers bypass login entirely. No credentials needed. They become admin.\n\nYour user database. Site control. Gone.\n\nUpdate to 5.4.3 now.\n\nScan your WordPress site: pulse-wp.com\n#WordPress #CVE #CyberSecurity", "creation_timestamp": "2026-07-16T12:00:09.207412Z"}]}